What's new
Forums on Intune, SCCM, and Windows 11

Welcome to the forums. Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your topics and posts, as well as connect with other members through your own private inbox!

PENDING Windows 10 got different CM update policy when install interactively instead of OSD

C

Crouching Camper

Member
Messages
5
Reaction score
0
Points
1
Hello, first post here. I have been learning SCCM with the help of this site and now I can do software updates, ADM, OSD, etc. But I recently notice something strange when deploying Windows 10 using different method will resulting in having different Windows update policy.

I first push an OSD using PXE and task sequence, which basically install OS, then CM client, then Chrome. Nothing else. When I go to Windows update and look for the policy, I got this:

[1] Intranet Update Service for detecting Updates
[2] Allow connecting to Windows Update Internet locations
[3] Disable all online services for Windows updates except managed services
[4] Do not connect to any Windows Update Internet locations
[5] Do not allow update deferral policies to cause scans against Windows Update

Then I install another Windows 10 VM interactively, join domain, push CM client install. Then I got only 2 Windows update policies:

[1] Intranet Update Service for detecting Updates
[5] Do not allow update deferral policies to cause scans against Windows Update

Anybody has experienced this? I tried to look for those extra GPO for the first VM (I think it is in local group policy) but only [1] and [5] are found.
So where is [2] [3] [4]? and what causes the difference??

Thx in Adv
 

Attachments

  • Install from OSD.png
    Install from OSD.png
    98.2 KB · Views: 6
  • Install interactively then push CM client.png
    Install interactively then push CM client.png
    88.5 KB · Views: 7
Last edited:
Sort by date Sort by votes
Prajwal Desai said:
Are you using GPO to manage updates ?.
Click to expand...
Hi Prajwal, I don't explicitly configure GPO for Windows update. In my domain GPO there is nothing configured. But there are local GPO. My impression is that CM client got its policy from SCCM, then it push it to local GPO.

Regardless of how I set up my Windows 10 (OSD or interactive), only 2 local GPO is found in both VM (see attachment), that's [1] and [5], so what happen to [2][3][4]? Both Windows 10 are in the same Device Collection. I tried to retrieve both machine and user policy in CM client to see if it make any difference, but it doesn't.
 

Attachments

  • local GPO.jpg
    local GPO.jpg
    423.3 KB · Views: 6
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

  • PENDING Turning off Windows Fast Startup feature via settings catalog
  • PENDING SCCM Update shows as failed with 0x8007045B after post update reboot on some endpoints.
  • PENDING Failed to end search job. Error = 0x80244022 ; But IIS is running and optimize
  • PENDING Endpoint detection and response (Server OS)
  • What's new in Microsoft Intune: January 2026

    • Forum statistics

    Threads
    7,186
    Messages
    28,048
    Members
    18,326
    Latest member
    landry

    Latest posts

    Trending content
    Back
    Top